Vulnerabilities > Dynpg

DATE CVE VULNERABILITY TITLE RISK
2021-11-02 CVE-2020-27406 Cross-site Scripting vulnerability in Dynpg 4.9.1
Cross Site Scripting (XSS) vulnerability in DynPG 4.9.1, allows authenticated attackers to execute arbitrary code via the groupname.
network
low complexity
dynpg CWE-79
5.4
2021-03-23 CVE-2021-27531 Cross-site Scripting vulnerability in Dynpg 4.9.2
A cross-site scripting (XSS) vulnerability in DynPG version 4.9.2 allows remote attackers to inject JavaScript via the "query" parameter.
network
low complexity
dynpg CWE-79
4.8
2021-03-23 CVE-2021-27530 Cross-site Scripting vulnerability in Dynpg 4.9.2
A cross-site scripting (XSS) vulnerability in DynPG version 4.9.2 allow remote attacker to inject javascript via URI in /index.php.
network
low complexity
dynpg CWE-79
4.8
2021-03-23 CVE-2021-27529 Cross-site Scripting vulnerability in Dynpg 4.9.2
A cross-site scripting (XSS) vulnerability in DynPG version 4.9.2 allows remote attackers to inject JavaScript via the "limit" parameter.
network
low complexity
dynpg CWE-79
4.8
2021-03-23 CVE-2021-27528 Cross-site Scripting vulnerability in Dynpg 4.9.2
A cross-site scripting (XSS) vulnerability in DynPG version 4.9.2 allows remote attackers to inject JavaScript via the "refID" parameter.
network
low complexity
dynpg CWE-79
4.8
2021-03-23 CVE-2021-27527 Cross-site Scripting vulnerability in Dynpg 4.9.2
A cross-site scripting (XSS) vulnerability in DynPG version 4.9.2 allows remote attackers to inject JavaScript via the "valueID" parameter.
network
low complexity
dynpg CWE-79
4.8
2021-03-23 CVE-2021-27526 Cross-site Scripting vulnerability in Dynpg 4.9.2
A cross-site scripting (XSS) vulnerability in DynPG version 4.9.2 allows remote attackers to inject JavaScript via the "page" parameter.
network
low complexity
dynpg CWE-79
4.8